Twitter oAuth 错误 32 无法在 App Engine 上使用 Java 对您进行身份验证

Question

在 Google App Engine 中使用 Java 中的 Twitter API，我正在尝试验证凭据以获取 id_str，但出现错误 32 - 无法对您进行身份验证 https://dev.twitter.com/docs/api/1.1/get/account/verify_credentials

我已经通过https://dev.twitter.com/docs/auth/implementing-sign-twitter 工作并获得了 accessToken 和 secret OK。

如果我用 OAuth 工具中的示例覆盖 oauth_nonce 和 oauth_timestamp，那么我的 Signature 基本字符串和 Authorization 标头与示例匹配，所以我猜我的签名部分没问题。

我想知道这是否是我从 Java 发出 GET 的方式？我一直在尝试，但有点卡住了。我试图更好地理解 oAuth 的工作原理，这就是我没有使用库的原因。任何帮助或指点将不胜感激。

public String getTwitterID(String oauth_token, String oauth_token_secret){  
    String answer = "";         
    String oauth_signature_method = "HMAC-SHA1";
    String oauth_consumer_key = apiKey;
    String uuid_string = UUID.randomUUID().toString();
    uuid_string = uuid_string.replaceAll("-", "");
    String oauth_nonce = uuid_string; //random alphanumeric string
    //oauth_nonce = "e1c55102427763bf3570093497b445ff";
    String oauth_timestamp = (new Long(System.currentTimeMillis() / 1000))
            .toString(); 
    //The parameter string must be in alphabetical order
    //oauth_timestamp = "1397181466";
    String parameter_string = "oauth_consumer_key=" + oauth_consumer_key
            + "&oauth_nonce=" + oauth_nonce + "&oauth_signature_method="
            + oauth_signature_method + "&oauth_timestamp="
            + oauth_timestamp
            + "&oauth_token=" + oauth_token
            + "&oauth_version=1.0";
    System.out.println("parameter_string=" + parameter_string);

    String signature_base_string = "";      
    try {
        signature_base_string = "GET&https%3A%2F%2Fapi.twitter.com%2F1.1%2Faccount%2Fverify_credentials.json&" + URLEncoder.encode(parameter_string, "UTF-8");
    } catch (UnsupportedEncodingException e2) {
        // TODO Auto-generated catch block
        e2.printStackTrace();
    }
    System.out.println("signature_base_string=" + signature_base_string);
    String oauth_signature = "";
    try {
        oauth_signature = computeSignature(signature_base_string,
                apiSecret + "&" + oauth_token_secret);
        System.out.println("oauth_signature=" + oauth_signature);
    } catch (GeneralSecurityException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (UnsupportedEncodingException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }

    try {
        oauth_signature = URLEncoder.encode(oauth_signature, "UTF-8");
        System.out.println("encoded oauth_signature=" + oauth_signature);
    } catch (UnsupportedEncodingException e1) {
        // TODO Auto-generated catch block
        e1.printStackTrace();
    }

    // The parameter list must be in alphabetical order
    String oauth_header = "OAuth oauth_consumer_key=\"";
    oauth_header += oauth_consumer_key;
    oauth_header += "\", oauth_nonce=\"";
    oauth_header += oauth_nonce;    
    oauth_header += "\", oauth_signature=\"";
    oauth_header += oauth_signature;
    oauth_header += "\", oauth_signature_method=\"";
    oauth_header += "HMAC-SHA1";
    oauth_header += "\", oauth_timestamp=\"";
    oauth_header += oauth_timestamp;
    oauth_header += "\", oauth_token=\"";
    oauth_header += oauth_token;
    oauth_header += "\", oauth_version=\"";
    oauth_header += "1.0\"";
    System.out.println("oauth_header=" + oauth_header);

    try {
        String request = "https://api.twitter.com/1.1/account/verify_credentials.json";
        //String request = "https://api.twitter.com/1.1/account/verify_credentials.json?" + parameter_string;
        URL url = new URL(request); 
        HttpURLConnection connection = (HttpURLConnection) url.openConnection();           
        connection.setDoOutput(true);
        connection.setDoInput(true);
        //connection.setInstanceFollowRedirects(false); 
        connection.setRequestMethod("GET"); 
        //connection.setRequestMethod("POST");

        //connection.setRequestProperty("charset", "utf-8");
        connection.setRequestProperty("Accept", "*/*"); 
        connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); 
        connection.setRequestProperty("Authorization", oauth_header);
        connection.setRequestProperty("Content-Length", "0");
        //connection.setRequestProperty("Content-Length", "" + Integer.toString(oauth_body.getBytes().length));
        connection.setUseCaches (false);
        DataOutputStream wr = new DataOutputStream(connection.getOutputStream ());
        //wr.writeBytes(oauth_body);
        wr.flush();
        wr.close();
        BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));     
        String line;
        StringBuilder str = new StringBuilder();
        while ((line = reader.readLine()) != null) {
            System.out.println(line);
            str.append(line);
        }
        reader.close();         
        connection.disconnect();     
        LOG.log(Level.WARNING, "Twitter ID JSON - " + str.toString());
        try {
            JSONObject jsonObject;
            jsonObject = new JSONObject(answer);
            answer = jsonObject.getString("id_str");
        } catch (JSONException e) {
            e.printStackTrace();
            answer = "";
        }           
    } catch (MalformedURLException e) {
        // ...
    } catch (IOException e) {
        // ...
    }
    System.out.println(answer);
    return answer;
}

Answer 1

我遇到了同样的问题，因此我寻找可以为我提供 Twitter OAuth 的库。我找到了 Twitter4j 并取得了很大的成功。

Twitter4J 可通过http://twitter4j.org/ 获得。

如果由于某种原因您不能使用 Twitter4J，也许您可​​以查看它的源代码以了解他们如何在您卡住的部分实现 OAuth。